CVE-2023-4976

EUVD-2023-54812
A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
purestorageflashblade
3.3.5 ≤
𝑥
≤ 3.3.10
ADP
purestorageflashblade
4.0.4 ≤
𝑥
≤ 4.0.6
ADP
purestorageflashblade
4.1.0 ≤
𝑥
≤ 4.1.8
ADP
purestorageflashblade
4.2.0 ≤
𝑥
≤ 4.2.2
ADP
Common Weakness Enumeration
References
https://www.purestorage.com/security
https://purestorage.com/security